security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

* verify.c (gpgsm_verify): Implemented non-detached signature

Browse Source 
verification.  Add OUT_FP arg, initialize a writer and changed all
callers.
* server.c (cmd_verify): Pass an out_fp if one has been set.
This commit is contained in:
Werner Koch 2001-12-20 16:51:06 +00:00
parent b65e1cf90a
commit 3b8cf6e497
5 changed files with 59 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sm/ChangeLog
View File

@ -1,5 +1,10 @@
2001-12-20 Werner Koch <wk@gnupg.org> 2001-12-20 Werner Koch <wk@gnupg.org>
* verify.c (gpgsm_verify): Implemented non-detached signature
verification. Add OUT_FP arg, initialize a writer and changed all
callers.
* server.c (cmd_verify): Pass an out_fp if one has been set.
* base64.c (base64_reader_cb): Try to detect an S/MIME body part. * base64.c (base64_reader_cb): Try to detect an S/MIME body part.
* certdump.c (print_sexp): Renamed to gpgsm_dump_serial, made * certdump.c (print_sexp): Renamed to gpgsm_dump_serial, made

6
sm/gpgsm.c
View File

@ -1044,11 +1044,11 @@ main ( int argc, char **argv)
case aVerify: case aVerify:
if (!argc) if (!argc)
gpgsm_verify (&ctrl, 0, -1); /* normal signature from stdin */ gpgsm_verify (&ctrl, 0, -1, NULL); /* normal signature from stdin */
else if (argc == 1) else if (argc == 1)
gpgsm_verify (&ctrl, open_read (*argv), -1); /* normal signature */ gpgsm_verify (&ctrl, open_read (*argv), -1, NULL); /* std signature */
else if (argc == 2) /* detached signature (sig, detached) */ else if (argc == 2) /* detached signature (sig, detached) */
gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1])); gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL);
else else
wrong_args (_("--verify [signature [detached_data]]")); wrong_args (_("--verify [signature [detached_data]]"));
break; break;

2
sm/gpgsm.h
View File

@ -164,7 +164,7 @@ void gpgsm_list_keys (CTRL ctrl, STRLIST names, FILE *fp);
int gpgsm_import (CTRL ctrl, int in_fd); int gpgsm_import (CTRL ctrl, int in_fd);
/*-- verify.c --*/ /*-- verify.c --*/
int gpgsm_verify (CTRL ctrl, int in_fd, int data_fd); int gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp);
/*-- sign.c --*/ /*-- sign.c --*/
int gpgsm_sign (CTRL ctrl, int data_fd, int detached, FILE *out_fp); int gpgsm_sign (CTRL ctrl, int data_fd, int detached, FILE *out_fp);

14
sm/server.c
View File

@ -262,12 +262,24 @@ cmd_verify (ASSUAN_CONTEXT ctx, char *line)
int rc; int rc;
CTRL ctrl = assuan_get_pointer (ctx); CTRL ctrl = assuan_get_pointer (ctx);
int fd = assuan_get_input_fd (ctx); int fd = assuan_get_input_fd (ctx);
int out_fd = assuan_get_output_fd (ctx);
FILE *out_fp = NULL;
if (fd == -1) if (fd == -1)
return set_error (No_Input, NULL); return set_error (No_Input, NULL);
if (out_fd != -1)
{
out_fp = fdopen ( dup(out_fd), "w");
if (!out_fp)
return set_error (General_Error, "fdopen() failed");
}
rc = gpgsm_verify (assuan_get_pointer (ctx), fd, rc = gpgsm_verify (assuan_get_pointer (ctx), fd,
ctrl->server_local->message_fd); ctrl->server_local->message_fd, out_fp);
if (out_fp)
fclose (out_fp);
if (!rc) if (!rc)
{ {
/* close and reset the fd */ /* close and reset the fd */

49
sm/verify.c
View File

@ -83,9 +83,7 @@ store_cert (KsbaCert cert)
} }
/* Hash the data for a detached signature */
static void static void
hash_data (int fd, GCRY_MD_HD md) hash_data (int fd, GCRY_MD_HD md)
{ {
@ -112,16 +110,20 @@ hash_data (int fd, GCRY_MD_HD md)
} }
/* Perform a verify operation. To verify detached signatures, data_fd /* Perform a verify operation. To verify detached signatures, data_fd
must be different than -1 */ must be different than -1. With OUT_FP given and a non-detached
signature, the signed material is written to that stream. */
int int
gpgsm_verify (CTRL ctrl, int in_fd, int data_fd) gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
{ {
int i, rc; int i, rc;
Base64Context b64reader = NULL; Base64Context b64reader = NULL;
Base64Context b64writer = NULL;
KsbaError err; KsbaError err;
KsbaReader reader; KsbaReader reader;
KsbaWriter writer = NULL;
KsbaCMS cms = NULL; KsbaCMS cms = NULL;
KsbaStopReason stopreason; KsbaStopReason stopreason;
KsbaCert cert; KsbaCert cert;
@ -157,6 +159,16 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd)
goto leave; goto leave;
} }
if (out_fp)
{
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
if (rc)
{
log_error ("can't create writer: %s\n", gnupg_strerror (rc));
goto leave;
}
}
cms = ksba_cms_new (); cms = ksba_cms_new ();
if (!cms) if (!cms)
{ {
@ -164,7 +176,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd)
goto leave; goto leave;
} }
err = ksba_cms_set_reader_writer (cms, reader, NULL); err = ksba_cms_set_reader_writer (cms, reader, writer);
if (err) if (err)
{ {
log_debug ("ksba_cms_set_reader_writer failed: %s\n", log_debug ("ksba_cms_set_reader_writer failed: %s\n",
@ -199,12 +211,6 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd)
is_detached = 1; is_detached = 1;
log_debug ("Detached signature\n"); log_debug ("Detached signature\n");
} }
if (stopreason == KSBA_SR_BEGIN_DATA)
{
log_error ("error: only detached signatures are supportted\n");
rc = GNUPG_Not_Implemented;
goto leave;
}
if (stopreason == KSBA_SR_NEED_HASH if (stopreason == KSBA_SR_NEED_HASH
|| stopreason == KSBA_SR_BEGIN_DATA) || stopreason == KSBA_SR_BEGIN_DATA)
@ -228,10 +234,28 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd)
} }
hash_data (data_fd, data_md); hash_data (data_fd, data_md);
} }
else
{
ksba_cms_set_hash_function (cms, HASH_FNC, data_md);
}
}
else if (stopreason == KSBA_SR_END_DATA)
{ /* The data bas been hashed */
} }
} }
while (stopreason != KSBA_SR_READY); while (stopreason != KSBA_SR_READY);
if (b64writer)
{
rc = gpgsm_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gnupg_strerror (rc));
goto leave;
}
}
if (data_fd != -1 && !is_detached) if (data_fd != -1 && !is_detached)
{ {
log_error ("data given for a non-detached signature\n"); log_error ("data given for a non-detached signature\n");
@ -418,6 +442,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd)
leave: leave:
ksba_cms_release (cms); ksba_cms_release (cms);
gpgsm_destroy_reader (b64reader); gpgsm_destroy_reader (b64reader);
gpgsm_destroy_writer (b64writer);
keydb_release (kh); keydb_release (kh);
gcry_md_close (data_md); gcry_md_close (data_md);
if (fp) if (fp)